I have uploaded 2 video’s.
I have set “allowed origins” on both video’s.
On video 1 I have set a . domain . com
On video 2 I have set b . domain . com
On both subdomains I created an index.html with the same content, both video’s.
On a . domain . com I can watch both video’s.
On b . domain . com I can watch only one video, I only see a picture (first frame) of the other video. But on b . domain . com I can watch video 1, instead of the configured video 2…
When I remove the “allowed origins” settings, nothing changes…
Does anyone have an idea on what I’m doing wrong?
Sorry for the spaces in the url’s, I wasn’t allowed to use them otherwise…
Thanks!
I have the same situation… whitelistening a domain doesn’t really prevent other domains from streaming the same embedded video.
Also with signing URL functionality, if you grab the token from dev. tools and you add: “watch.cloudflarestream.com/” in front of it, the video plays perfectly… which shouldn’t as cfstream.com it’s another domain than the one you whitelisted!!!
I’m not a Stream customer. However, the “allowed origins” setting(?) to which you refer sounds like an Access-Control-Allow-Originhttp header. If that’s the case, read this:
as well as this:
and have a look at this particular, fairly common, CORS error:
along with most, if not all CORS errors:
and since I’m unsure of your production server, there’s this: